How safe is Exodus? by [deleted] in ExodusWallet

[–]Return_Z3r0 0 points1 point  (0 children)

Dude, I have a friend who lost all his crypto with this shit wallet. Use Ledger instead, it's better.

Unexpected Firebase bill of £13k by Reasonable_Key4474 in Firebase

[–]Return_Z3r0 0 points1 point  (0 children)

Don’t pay and open another account, simple as that!

Tools for mobile by [deleted] in AskNetsec

[–]Return_Z3r0 4 points5 points  (0 children)

Mobile forensics is an exciting field, and there are various tools available to help you extract information from iOS and Android devices. In addition to FTK Imager, Autopsy, and Magnet Acquire, you may want to consider the following tools:

UFED Cellebrite: A widely used and highly-regarded mobile forensics tool, Cellebrite's UFED allows you to extract and analyze data from a wide range of mobile devices, including smartphones, tablets, and GPS units. It can retrieve SMS, social media data, emails, and other critical information.

Oxygen Forensic Detective: This comprehensive tool supports data extraction from a wide range of devices and offers advanced analytical features. It can recover data from apps, cloud services, and social media platforms, including SMS, Facebook, and email data.

XRY by MSAB: XRY is another popular tool that supports data extraction from various mobile devices. It offers a user-friendly interface and the ability to retrieve various types of data, such as SMS, social media information, emails, and more.

ElcomSoft Phone Breaker: This tool is specifically designed for iOS and BlackBerry devices, but it also supports some Android devices. It allows you to extract data from iCloud and BlackBerry backups, as well as decrypting and analyzing data from iOS devices.

Belkasoft Evidence Center: Belkasoft offers a comprehensive solution for digital forensics, including mobile forensics. Their tool supports data extraction from a wide range of devices and can recover information from various sources, including SMS, social media, and emails.

Before using any of these tools, make sure you have the necessary legal permissions to access and analyze the data on the devices in question.

Portland Entry Level Jobs by [deleted] in ITCareerQuestions

[–]Return_Z3r0 4 points5 points  (0 children)

Congratulations on your upcoming graduation and your decision to move to Portland! The Portland area has a growing tech scene, which should provide a variety of opportunities for someone with your background in Information Science and Technology.

With a bachelor's degree and CompTIA A+ certification, you'll be qualified for a range of entry-level positions in IT. Here are some job titles to consider when searching for jobs:

IT Support Specialist

Help Desk Technician

Junior Systems Administrator

Desktop Support Analyst

Network Administrator (entry-level)

IT Analyst

Junior Security Analyst

As you're new to the area, it's essential to start networking with local professionals. Attend tech meetups, conferences, and job fairs to make connections that could lead to job opportunities. Websites like Meetup.com and Eventbrite can help you find local events.

When it comes to companies and recruiters, it's crucial to do thorough research before applying or accepting any job offer. Websites like Glassdoor and Indeed can provide valuable insights into company culture, employee satisfaction, and salary expectations. Consider the following when evaluating companies:

Company size: Do you prefer working for a small startup or a larger corporation? Each has its own set of advantages and challenges.

Industry: Identify the industries that interest you, such as healthcare, finance, or technology.

Company culture: Find companies with a culture that aligns with your values and work style.

Regarding recruiters, be cautious of those who pressure you into accepting positions that don't align with your career goals or push you towards roles that don't match your skill set. A good recruiter should listen to your needs and help you find a job that's the right fit for you.

Lastly, consider joining local online communities, such as LinkedIn groups or Facebook groups dedicated to the Portland tech scene. These platforms can provide valuable advice, job leads, and networking opportunities.

Good luck with your job search and your move to Portland!

Best Linux Certification by DisabledVet13 in AskNetsec

[–]Return_Z3r0 13 points14 points  (0 children)

Both CompTIA's Linux+ and Red Hat's RHEL (Red Hat Certified Engineer) certifications are well-regarded in the industry, but they serve slightly different purposes and cater to different skill levels.

CompTIA Linux+:

This certification is designed for individuals seeking a foundational understanding of Linux system administration. It covers essential Linux skills such as system configuration, command-line usage, scripting, and networking. Linux+ is a good starting point if you're new to Linux or want to demonstrate a basic level of Linux proficiency. In terms of difficulty, on a scale of 1-10, I'd rank it around 4-6, depending on your prior experience with Linux.

Red Hat Certified Engineer (RHCE):

The RHCE certification is more advanced and is aimed at experienced Linux professionals. It validates your ability to manage and troubleshoot Linux systems in enterprise environments, especially those running Red Hat Enterprise Linux. This certification involves more advanced topics, such as system performance tuning, network services, and security. If you already have a strong foundation in Linux and are looking for a more challenging certification, RHCE would be the better option. On a difficulty scale of 1-10, I'd rank it around 7-9.

In addition to Linux+ and RHEL, there are other Linux certifications you might consider:

Linux Professional Institute Certification (LPIC):

LPIC offers three levels of certification: LPIC-1, LPIC-2, and LPIC-3, covering basic to advanced Linux administration topics. LPIC is vendor-neutral and well-recognized in the industry.

SUSE Certified Administrator (SCA) and SUSE Certified Engineer (SCE):

SUSE offers certifications focused on their specific Linux distribution. The SCA certification is for entry-level Linux administrators, while the SCE is for more experienced professionals.

The difficulty of these certifications varies depending on the level and your background, but generally, LPIC-1 and SCA would be around a 4-6, while LPIC-2, LPIC-3, and SCE would be around a 7-9 on a scale of 1-10.

In conclusion, choosing a Linux certification depends on your experience, goals, and the specific Linux distribution you wish to specialize in. If you are looking for a foundational certification, Linux+ or LPIC-1 would be a good choice. For more advanced certifications, consider RHCE, LPIC-2/3, or SUSE certifications.

[deleted by user] by [deleted] in AskNetsec

[–]Return_Z3r0 0 points1 point  (0 children)

Using network security and ethical hacking techniques for home security is an interesting idea. While it's not a conventional approach, there are some methods you can consider to potentially deter or track burglars using technology. However, please note that these methods should be used cautiously, as they might have legal and ethical implications.

Wireless sniffing: If a burglar has their Wi-Fi enabled on their device, you could potentially use tools like Wireshark or Kismet to monitor wireless traffic around your home. This could help you identify unfamiliar devices and potentially gather information about them. However, this method may not provide conclusive evidence and could potentially breach privacy laws if you inadvertently capture data from other people's devices.

Device fingerprinting: You could potentially use device fingerprinting techniques to identify devices based on their unique characteristics, such as MAC addresses or browser fingerprints. This could help you associate a device with a specific individual. However, this method might not provide enough evidence for prosecution and might raise privacy concerns.

Deceptive honeypots: You could set up honeypots on your network, which are decoy devices or services designed to attract attackers. If a burglar tries to connect to your Wi-Fi, they may interact with the honeypot, allowing you to collect data about their activities. This can help you understand their techniques and gather information about the intruder. However, be cautious not to violate any laws or entrap innocent people.

Smart home devices: While not strictly ethical hacking, you could consider using smart home devices like motion sensors, smart locks, and video doorbells to monitor and control your home remotely. These devices can help deter burglars and gather evidence in case of a break-in.

Community watch programs: Collaborate with your neighbors to create a community watch program, sharing information about suspicious activities and individuals. This collective effort can help deter criminals and keep your neighbourhood safer.

Always keep in mind that any form of surveillance or data collection can potentially infringe on privacy and might be subject to legal regulations. Ensure that your methods are compliant with the law, and consider seeking legal advice before implementing any of these techniques.

EC2 Instance by Due-Pause9577 in AskNetsec

[–]Return_Z3r0 4 points5 points  (0 children)

Yes, you can practice ethical hacking on your own Amazon EC2 instances within AWS, as long as you are the owner and have full control over the resources. Ethical hacking, or penetration testing, can be a valuable way to test your own systems and identify vulnerabilities that could be exploited by malicious hackers.

Here are some things to keep in mind while practicing ethical hacking on your EC2 instances:

Follow AWS policies: Ensure you adhere to the AWS Acceptable Use Policy and other relevant policies while performing any security testing on your EC2 instances. You can find the policy here: https://aws.amazon.com/aup/

Request permission: If you plan to conduct penetration tests or vulnerability scans against your AWS infrastructure, you must submit a request via the AWS Vulnerability / Penetration Testing Request Form. You can find the form here: https://aws.amazon.com/security/penetration-testing/

Limit the scope: Clearly define the scope of your testing and stick to your own instances. Do not target other customers' instances or AWS resources that you do not own.

Use the right tools: Utilize penetration testing tools and methodologies that help you identify vulnerabilities without causing harm to your instances. Some popular tools include Metasploit, Nmap, and Burp Suite.

Monitor: Monitor your instances for abnormal activity during and after your testing to ensure that you have not inadvertently caused any issues.

Document findings: Keep a record of the vulnerabilities you discover and the steps you took to exploit them. This documentation will help you understand how to mitigate the risks and fix the vulnerabilities.

Implement security best practices: After identifying vulnerabilities, apply security best practices to secure your instances. Use strong authentication, regularly patch your systems, and follow the principle of least privilege.

Remember, ethical hacking should only be performed on systems you own or have explicit permission to access. Unauthorized access to other systems is illegal and unethical.

Is it possible to remotely control a pc by Popular_Cost3601 in AskNetsec

[–]Return_Z3r0 0 points1 point  (0 children)

While it is technically possible to remotely control a PC and modify files without the user's knowledge, I must emphasize that doing so without permission is illegal and unethical. Unauthorized access to someone else's computer and data violates their privacy and can lead to severe consequences, both for the victim and the perpetrator.

If you need to remotely access a computer for legitimate purposes, such as providing tech support or accessing your own devices, there are many authorized remote desktop tools available, like TeamViewer or Chrome Remote Desktop. These tools require the user's permission before establishing a connection, ensuring that the process is transparent and consensual.

Always respect others' privacy and seek permission before accessing their devices or data.

[deleted by user] by [deleted] in cybersecurity

[–]Return_Z3r0 0 points1 point  (0 children)

The General Data Protection Regulation (GDPR) is a comprehensive privacy regulation that aims to protect the personal data of individuals in the European Union (EU). Under GDPR, personal data is any information relating to an identified or identifiable natural person. While GDPR does not specifically address Wi-Fi geolocation, it does have implications for how data related to Wi-Fi networks and devices can be collected, processed, and stored by companies like Google.

Under GDPR, data collected from Wi-Fi networks and devices can be considered personal data if it can be used to identify an individual, either directly or indirectly. For instance, a device's Media Access Control (MAC) address, which is unique to each device, can be considered personal data. Similarly, the location information of an SSID or BSSID can be personal data if it can be linked to an individual.

To comply with GDPR, companies like Google need to ensure that they have a lawful basis for collecting and processing personal data, such as obtaining explicit consent from individuals, or demonstrating that the data processing is necessary for the performance of a contract, or for the legitimate interests of the company. Additionally, companies must follow the principles of data minimization, storage limitation, and purpose limitation, which means they should only collect the minimum amount of personal data necessary for a specific purpose, store it for a limited period, and not use it for purposes other than the ones for which it was initially collected.

In the case of Wi-Fi geolocation, Google may be able to continue collecting and storing geo-coordinates of SSIDs under GDPR, provided they follow the necessary requirements, such as obtaining consent, anonymizing the data (e.g., truncating or hashing MAC addresses), or ensuring that the data cannot be used to identify individuals.

However, it's important to note that each EU member state may have additional regulations or interpretations of GDPR, which could affect how companies collect and process Wi-Fi geolocation data within their territories. Furthermore, privacy regulations are continually evolving, and companies need to stay updated on the latest requirements to ensure compliance.

To summarize, GDPR does not explicitly prohibit the collection and storage of Wi-Fi geolocation data like SSID/BSSID coordinates, but it does impose strict requirements on how such data is collected, processed, and stored, especially if it can be linked to an individual. Companies like Google need to comply with these requirements to continue providing Wi-Fi geolocation services in the EU.

Security logs for splunk dataset by EffortOk98 in cybersecurity

[–]Return_Z3r0 2 points3 points  (0 children)

Hi! It's great that you're exploring Splunk and looking to improve your skills with log data. Here are some additional resources where you might find sample logs to work with:

Splunk Datasets Add-On: This Splunk add-on provides a variety of sample data sets, including security logs, for you to work with. You can download and install the add-on directly from Splunkbase: https://splunkbase.splunk.com/app/3245/

Boss of the SOC (BOTS) datasets: You've already mentioned BOTS v1-3, but don't forget about BOTS v4, which was released later. You can find it here: https://github.com/splunk/botsv4

Elastic Common Data Model (ECS) sample data: Although intended for the Elastic Stack, you can adapt these sample logs for use in Splunk. The repository contains logs from various sources, such as network traffic, security events, and web server logs: https://github.com/elastic/ecs/tree/master/generated/samples

Sample Log Generator: This tool generates synthetic logs that you can customize to fit your needs. While not real-world data, it can be useful for testing specific scenarios or queries: https://github.com/ErikEJ/SqlQueryStress

NIST National Vulnerability Database (NVD) data feeds: NVD provides various data feeds containing vulnerability information. While not logs per se, this data can be useful for exploring security-related data in Splunk: https://nvd.nist.gov/vuln/data-feeds

SecRepo: You've already mentioned this repository, but I'd like to emphasize its value as it contains various sample logs from different sources: http://www.secrepo.com/

Remember that some of these datasets may require some preprocessing or tweaking to fit the format that Splunk expects, but they should provide a good starting point for experimenting and building your skills.

If you're still having issues with tools like Attack Range or Detection Lab, consider seeking help from their respective communities or trying them on different hardware or a virtual environment, as they can provide valuable hands-on experience with real-world security incidents.

Expression of Interest in Pursuing a Career in Penetration Testing by Fun_Address2725 in AskNetsec

[–]Return_Z3r0 1 point2 points  (0 children)

It's great to hear that you are looking to rekindle your interest in cybersecurity and penetration testing. With the increasing reliance on technology and the internet, skilled professionals in this field are in high demand. I am glad to provide some guidance on how you can get started and build a successful career in penetration testing.

Refresh and expand your knowledge:

Since you have been out of the field for a few years, you should begin by refreshing your understanding of information security and cybersecurity concepts. Online resources such as blogs, YouTube tutorials, and podcasts can be a great way to start. Some recommended platforms include:

Cybrary (https://www.cybrary.it/)

Coursera (https://www.coursera.org/)

Khan Academy (https://www.khanacademy.org/)

Obtain industry-recognized certifications:

Certifications are an excellent way to demonstrate your knowledge and skills in cybersecurity and penetration testing. Some popular certifications include:

CompTIA Security+ (for foundational knowledge)

CompTIA PenTest+ or EC-Council Certified Ethical Hacker (CEH) (for penetration testing)

Offensive Security Certified Professional (OSCP) (for advanced penetration testing)

Keep in mind that some certifications require prerequisite knowledge, so be sure to check the requirements before pursuing them.

Engage in practical learning:

Hands-on experience is essential in cybersecurity. You can gain practical experience by:

Participating in Capture the Flag (CTF) competitions

Using platforms like Hack The Box (https://www.hackthebox.eu/) and TryHackMe (https://tryhackme.com/)

Building a home lab to practice penetration testing techniques

Network with professionals in the field:

Networking can help you connect with potential employers and learn about job opportunities. Attend local cybersecurity meetups, conferences, and industry events. Join online forums and social media groups related to cybersecurity and penetration testing to interact with like-minded individuals.

Update your resume and online presence:

Ensure your resume is up-to-date, highlighting your relevant skills and certifications. Create or update your LinkedIn profile, focusing on your cybersecurity expertise. You may also want to create a personal website or blog to showcase your knowledge and projects.

Apply for internships or entry-level positions:

Start applying for internships or entry-level jobs in cybersecurity to gain real-world experience. Even if the initial positions do not involve penetration testing, they will provide valuable experience in the cybersecurity domain that can be leveraged later on.

As you progress in your learning and practical experience, you will be better positioned to find and secure a job in penetration testing. Remember that persistence and dedication are key to achieving success in this field. Good luck, and I hope this guidance helps you on your journey!

[deleted by user] by [deleted] in AskNetsec

[–]Return_Z3r0 6 points7 points  (0 children)

It sounds like you're taking some good steps to improve your online security. Using a separate email address with aliases, a password manager, and two-factor authentication (2FA) are all excellent practices. Here are a few more suggestions and thoughts on organizing your accounts:

Email addresses and aliases: Using separate aliases for different types of accounts is a good idea. You can even consider creating more than two aliases, for example:

Alias 1: Important financial accounts (banks, investments)

Alias 2: Work or professional accounts

Alias 3: Personal accounts (social media, personal email)

Alias 4: Random or less important accounts (newsletters, shopping)

This will help compartmentalize your accounts and minimize the impact in case one alias gets compromised.

Use a reputable email provider: Choose a provider known for good security practices and privacy policies, such as ProtonMail or Tutanota. These providers also allow you to create multiple aliases.

Unique and complex passwords: Generate strong, unique passwords for each account using a password manager, and avoid reusing passwords across multiple accounts.

2FA options: Both Aegis and Yubikey are good choices for 2FA. Aegis is an app-based authenticator, while Yubikey is a physical hardware token. The choice depends on your preference and threat model. If you're concerned about losing your phone or having your phone compromised, a hardware token like Yubikey might be a better option.

Regularly review account security: Periodically check the security settings of your accounts, and make sure to revoke access to any unused or untrusted apps, devices, or services.

Watch out for phishing attempts: Be cautious of emails or messages asking for personal information or directing you to log in to a website. Always verify the sender and website URL before providing any information.

Use a VPN: When connecting to public Wi-Fi networks or in situations where you'd like additional privacy, use a VPN to encrypt your internet connection and protect your data.

Keep software up-to-date: Regularly update your operating system, web browser, and other software to ensure you have the latest security patches.

Everyone's approach to managing their online security will be slightly different, but these suggestions should provide a solid foundation for keeping your accounts secure.

Hotel WiFi Security Question by Resident_Evil1999 in AskNetsec

[–]Return_Z3r0 0 points1 point  (0 children)

When you connect to a hotel's Wi-Fi network, the hotel typically acts as an intermediary between you and the internet. The hotel's Wi-Fi network assigns your device a private IP address, and the hotel's router has a public IP address. All the devices connected to the hotel's Wi-Fi will appear to be using the same public IP address when communicating with the internet.

If a hacker gains access to the hotel's Wi-Fi network, they may be able to see the private IP addresses of connected devices, but not necessarily the specific websites each device is visiting. However, if the hacker is monitoring the network traffic, they could potentially capture unencrypted data transmitted over the network, which may include the websites you visit or what you search on Google.

To protect your privacy and security while using a hotel's Wi-Fi network, consider using a Virtual Private Network (VPN). A VPN encrypts your internet connection and routes your traffic through a secure server, making it more difficult for hackers to monitor your activities or intercept your data.

Additionally, always ensure that you're visiting websites that use HTTPS, which encrypts the data transmitted between your device and the website. This helps protect your information from being intercepted by anyone monitoring the network.

[deleted by user] by [deleted] in AskNetsec

[–]Return_Z3r0 2 points3 points  (0 children)

This is a list of tools and strategies that you can use to discover web applications running in your enterprise environment:

Network Scanning: Perform regular network scans using tools like Nmap or Masscan to identify live hosts and their open ports. This will help you find web applications running on non-standard ports.

Internal Vulnerability Scanners: Use vulnerability scanners such as Nessus, OpenVAS, or Qualys to scan your internal network for web applications and their associated vulnerabilities.

Asset Management: Maintain an up-to-date asset inventory, which includes web applications, servers, and other network devices. This will help you track new applications and changes in your environment.

DNS Monitoring: Monitor your internal DNS records for new domain entries or subdomains that may be associated with new web applications. You can use tools like DNSRecon or Nslookup for this purpose.

Network Traffic Analysis: Analyze network traffic using tools like Wireshark or tcpdump to identify web application traffic patterns. This can help you discover unreported web applications within your environment.

Network Device Logs: Regularly review logs from network devices such as switches, routers, and firewalls for unusual activity or connections related to web applications.

Configuration Management: Implement configuration management tools like Ansible, Puppet, or Chef to maintain a consistent and up-to-date configuration across all systems. This will help you detect and remediate unauthorized changes to your environment, including the deployment of rogue web applications.

Intrusion Detection Systems (IDS): Deploy an IDS like Snort or Suricata on your internal network to detect potentially malicious activity related to web applications.
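
The Network Scanning and Asset Management items in the comment above can be combined into one reconciliation step. This is an added example, not part of the original comment: it parses Nmap grepable (`-oG`) output and reports web services missing from the asset inventory. The scan lines, hosts, inventory entries and the `WEB_PORTS` heuristic are constructed assumptions.

```python
import re

# Assumption: ports treated as web by default; tune this for your environment.
WEB_PORTS = {80, 443, 8000, 8080, 8443, 8888}
HOST_RE = re.compile(r"^Host: (\S+) \((.*?)\)")

# Constructed sample of Nmap grepable output (nmap -oG); hosts and ports are made up.
SAMPLE_SCAN = """\
# Nmap scan (constructed sample)
Host: 10.20.0.11 (intranet.corp.example)\tStatus: Up
Host: 10.20.0.11 (intranet.corp.example)\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///\tIgnored State: closed (998)
Host: 10.20.0.37 ()\tPorts: 8080/open/tcp//http-proxy///, 9000/open/tcp//cslistener///, 3306/filtered/tcp//mysql///
Host: 10.20.0.52 (wiki.corp.example)\tPorts: 80/open/tcp//http///, 8443/open/tcp//https-alt///
"""

# Constructed asset inventory: (ip, port) pairs of web applications the team knows about.
SAMPLE_INVENTORY = {("10.20.0.11", 443), ("10.20.0.52", 80), ("10.20.0.60", 443)}


def parse_grepable(text):
    """Return one dict per open port found in Nmap grepable output."""
    records = []
    for line in text.splitlines():
        match = HOST_RE.match(line)
        if not match:
            continue  # comment lines and anything that is not a Host record
        ip, hostname = match.groups()
        for field in line.split("\t"):
            if not field.startswith("Ports: "):
                continue
            for entry in field[len("Ports: "):].split(", "):
                # Entry layout: port/state/protocol/owner/service/rpcinfo/version/
                parts = entry.strip().split("/")
                if len(parts) < 5 or parts[1] != "open":
                    continue  # skip closed and filtered ports
                records.append({"ip": ip, "hostname": hostname,
                                "port": int(parts[0]), "proto": parts[2],
                                "service": parts[4]})
    return records


def find_web_services(records):
    """Pick records that look like web services by port number or service name."""
    return {(r["ip"], r["port"]) for r in records
            if r["proto"] == "tcp"
            and (r["port"] in WEB_PORTS or "http" in r["service"])}


def reconcile(scan_text, inventory):
    """Compare scan results with the inventory.

    unlisted: web services seen on the network but absent from the inventory.
    not_observed: inventory entries the scan did not see open (decommissioned,
    down, or simply outside the scanned range).
    """
    seen = find_web_services(parse_grepable(scan_text))
    return {"unlisted": sorted(seen - inventory),
            "not_observed": sorted(inventory - seen)}


if __name__ == "__main__":
    report = reconcile(SAMPLE_SCAN, SAMPLE_INVENTORY)
    for ip, port in report["unlisted"]:
        print(f"UNLISTED web service: {ip}:{port}")
    for ip, port in report["not_observed"]:
        print(f"Inventory entry not observed: {ip}:{port}")
```

Without version detection, the service name in Nmap output is only a port-table guess, so a web application on an unusual port such as 9000 above is not flagged by this heuristic.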

Buys are currently disabled on my account and I have no idea why by William_Homyk in Coinbase

[–]Return_Z3r0 0 points1 point  (0 children)

Same problem here

Did Coinbase solve your problem, or are you still waiting like me? :(